Tag Archives: Security
Mandiant, VMware and US-CERT warn of malware targeting VMware ESXi servers
Google-acquired security vendor Mandiant has encountered a new malware family (VirtualPITA, VirtualPIE, and VirtualGATE) that targets virtualization solutions like VMware ESXi Server and uses specialized techniques to infiltrate. VMware has issued a security advisory to that effect, and US-CERT is …
Microsoft's recommendations for Exchange Server 0-day vulnerability ZDI-CAN-18333
Last night I reported on the blog about a 0-day vulnerability, ZDI-CAN-18333, in Microsoft's on-premises Exchange Servers, which is already being exploited in the wild. Within hours, Microsoft has now responded and confirmed that they are currently investigating two …
Exchange Server servers attacked via 0-day exploit (Sept. 29, 2022)
There are reports that a new zero-day exists in Microsoft Exchange that is being actively exploited in the wild. Security researchers confirm that some installations – including a honeypot – are already infected. Details about the zero-day are not yet …
Barracuda Networks: Spam filter/virus scan blocks mails globally (September 29, 2022)
Brief notification for administrators who use a mail protection / security solution from Barracuda Networks in an enterprise environment. Since tonight (September 29, 2022) there seems to be a problem that emails get stuck in their spam filters (Email Security …
Malware trend August 2022: Emotet no more #1
CheckPoint has released its Global Threat Index for August 2022, a top list of malware infections. Surprisingly for me, the previously frequently mentioned Emotet ransomware has been displaced from the top spot it held in previous months. Now, a malware …
HP printers: Critical vulnerability (Sept. 2022)
HP has published a warning about a buffer overflow vulnerability in the firmware of various printer models (Inkjet, Laserjet Pro and HP PageWide Pro printers) on September 21, 2022. One vulnerability even potentially allows remote code execution (RCE). Firmware updates …
Sophos XG Firewall: RCE vulnerability (CVE-2022-3236)
Vendor Sophos warns about a remote code execution vulnerability in its firewall. There is a code injection vulnerability in the Sophos XG Firewall user portal and web admin (UTM products not affected). This vulnerability is already being exploited in a …
WhatsApp: Two vulnerabilities allow remote code execution
Meta subsidiary WhatsApp warns about two vulnerabilities in its apps for Android and iOS that put users' security at risk. Both vulnerabilities allow remote code execution – so the apps should be updated promptly.
Windows 11 strengthens SMB traffic protection
Microsoft is starting to improve protection for the SMB protocol in Windows 11. Thus, Microsoft has introduced a delay between SMB authentications in Windows 11 (in Insider Previews). This is intended to prevent spying on SMB traffic. There is also …
17 year old arrested in England for Uber hack, member of Lapsus$ group?
In the last few days, I reported on various hacks at the ride service provider Uber, at Rockstar Games, and so on. A hacker with the alias Tea Pot claims to be only 18 years old and to have penetrated …


